Database Reference
In-Depth Information
The following screenshot shows a simulation for the InFission Payables Manager
Responsibility:
Keep in mind that the access point grid will show all access points involved in
incidents of the selected controls. The model shows the entire access security
hierarchy of the access point applied. In other words, the simulation model shows
the data from the security model of the datasource, regardless of incidents.
The goal of using simulation is to get an idea of:
• What users and roles have access to my modeled access point?
• What access paths is my modeled access point involved in?
• What conlict paths would I clean up if I remove access point A from
access point B?
° What user incidents would that impact?
° What role incidents would that impact?
° What controls would that impact?
° What conflict paths would remain that I still need to work on
cleaning up?
° What other users and roles would I affect, regardless of incidents?
• What is the remediation plan I am comfortable with so I can send it to the
person in charge of the business system security model to make the changes?
Search WWH ::
Custom Search